Major UK govt data leaks surface on dark net – media

Nine attempts to sell classified military documents have raised fears about threats to national security, experts say

A massive breach of UK government cybersecurity has exposed hundreds of passwords and sparked fears of deeper vulnerabilities, The Independent reported on Tuesday, citing a report. Cybersecurity analysts warned the leaks could pose a serious risk to public safety and critical infrastructure.

Over 700 email addresses and corresponding passwords from nine government domains have appeared on the dark net over the past year, according to the report by NordStellar, a threat exposure management platform that monitors the dark web.

The Ministry of Justice, Department for Work and Pensions, and Ministry of Defense are reportedly among the most affected departments. Additionally, nine separate attempts to sell classified documents linked to UK military and NATO operations were registered, according to the report.

The Home Office, Foreign, Commonwealth and Development Office, Department for Transport, UK Parliament, Department of Health and Social Care, and HM Revenue and Customs have also reportedly had log-in details leaked in the past year.

The leaks could give hackers access to sensitive systems such as police records, infrastructure networks, and databases containing citizens’ private information, according to head of product at NordStellar, Vakaris Noreika, as cited by the newspaper. The expert urged immediate action to close serious cybersecurity gaps.

Read more

Massive cyber threat wave hits African state

Gareth Mott, a cybersecurity analyst at the Royal United Services Institute, also warned that the leaked data could significantly impact national security, public trust, and even the economy, depending on its nature and how it is exposed.

“All it takes is for one account to be active still, and that’s a potential initial attack vector,” Mott was quoted as saying.

The UK has seen a growing number of high-profile cyberattacks in recent years. Earlier this year, the Legal Aid Agency was hacked, exposing years of personal data. In June, HMRC revealed that £47 million ($63 million) was stolen through phishing attacks on taxpayer accounts. Even private sector giants such as M&S, Jaguar Land Rover, and the Co-op have suffered breaches claimed by ransomware groups active on the dark net.

In January, the National Audit Office warned that government departments are lagging behind in cyber security, calling the national threat “severe and advancing quickly.”